Blog

Protecting Access to Government Databases under Public Records Law

By Andrew F. SellarsJanuary 11th, 2019
Technology Law Clinic students Patrick Wilson (BUSL '20), Ally Faustin (BUSL '20), Zach Sisko (BUSL '19), and Lyndsey Wajert (BUSL '19), outside of the John Adams Courthouse after the oral argument.

On Thursday, the Supreme Judicial Court of Massachusetts heard arguments in the case Boston Globe Media Partners, LLC v. Department of Public Health. The Clinic filed an amicus curiae brief (PDF) in the case on behalf of the editorial staff of The Tech, the MIT student newspaper, together with the Reporters Committee for Freedom of the Press, Metro Corp. (publisher of Boston magazine), the New England Center for Investigative ReportingNew England First Amendment Coalition, the New England Newspaper and Press Association, the New York Times Company, North of Boston Media Group (publisher of several regional newspapers in northeastern Massachusetts and southern New Hampshire), and the editorial staff of the Free Press, the newspaper of the University of Southern Maine. 

The case concerns a request that the Boston Globe made under the Massachusetts Public Records Law (PRL) for an electronic copy of two databases containing Massachusetts birth and marriage records, held by the Department of Public Health. The records in question contain only basic information related to births and marriages, and are already made available to the public on an individual level. The Department denied the request, arguing among other things that the disclosure of the entire set of records would be an unwarranted invasion of privacy, and thus is exempt under specific provisions in the PRL.

The amicus brief, filed in support of the Boston Globe, brings a combination of law, data science, and examples from journalism to show why disclosure of this set of records does not create any privacy harms. Quoting from the brief:

This Court should not abandon its well-settled framework for evaluating exemption requests predicated on privacy concerns under the PRL simply because the Records contain numerous entries. To the extent that large datasets are different than other records, they can be analyzed simply by distinguishing between the “breadth” and the “depth” of the dataset in question. “Broad” but “shallow” datasets, like the Records here, which relate to numerous individuals but contain few details, pose much lower privacy risks than “deep” datasets of any breadth, which contain detailed information about each person in the set. […] In this case, because these Records contain very little information about each person, disclosing the Records will not create any new privacy risks.

The brief also gives a variety of examples of where journalists used records like these on stories about government accountability and other issues of public concern.

"The editors at The Tech were happy to participate in this amicus brief," said Emma Bingham, Editor in Chief of The Tech. "As both journalists and students at one of the world’s top technical institutes, we understand the value of data access. We hope the Department of Public Health datasets in question in this case will soon be available to all newspapers, so that they use them to continue to hold our government accountable and produce interesting and informative reporting. We believe this is especially important for small local and university newspapers, which play an important role in their communities, but often have fewer resources to spend gathering data."

Clinic students Alexandra Faustin (BUSL '20), Zachary Sisko (BUSL '19), Lyndsey Wajert (BUSL '19), and Patrick Wilson (BUSL '20) drafted the brief, with help from Clinic director Andy Sellars, Visiting Clinical Assistant Professor Julissa Milligan, and attorneys at the Reporters Committee for Freedom of the Press.

We are now the Technology Law Clinic

By David GrossJanuary 3rd, 2019
Andy Sellars, director of the Technology Law Clinic, and Jim Wheaton, director of the Startup Law clinic, at the BU/MIT Clinics Celebration and Reunion on November 2, 2018.
Andy Sellars (left), director of the Technology Law Clinic, and Jim Wheaton, director of the Startup Law Clinic, at the BU/MIT Clinics Celebration and Reunion on November 2, 2018.

We're starting 2019 off with a change to our name! As of January 1, we are now officially the BU/MIT Technology Law Clinic, instead of the Technology & Cyberlaw Clinic.

We announced this change on November 2, at a gathering of clinic alumni and community members. Our sister clinic is now named the BU/MIT Startup Law Clinic (instead of the Entrepreneurship and Intellectual Property Clinic). Both clinics remain under the Entrepreneurship, Intellectual Property, and Cyberlaw Program at BU Law.

We found our new names to be a natural outgrowth of our first few years of operation, as they tend to be the way in which each clinic is understood by students at BU and MIT — our clinic focusing on all technology-related legal issues, and our colleagues focusing on business startup issues. Both clinics bring high-quality representation on matters of intellectual property law, with our clinic focusing as well on data privacy and cybersecurity matters, and the Startup Law Clinic focusing on business and finance matters.

The Technology Law Clinic and the Startup Law Clinic both look forward to continuing to provide exceptional legal services to BU and MIT students on their research, projects, and ventures.

 

 

Panel discussion on “Digital Muckraking and Undercover Browsing,” October 18

By Andrew F. SellarsOctober 3rd, 2018

October 18, 12:30pm – 2pm
BU Law, Room 410

A panel discussion with faculty from BU School of Law, BU College of Communications, investigative journalists, and the Reporters Committee for Freedom of the Press.

A growing number of researchers, journalists, and investigators are developing tools and techniques to understand the way in which private technology companies regulate online content and commerce. These include web scrapers, puppet accounts, and numerous other data-gathering technologies. Use of these tools however, can present legal risks under state and federal anti-hacking laws, as well as other related legal issues. Join a panel of lawyers, journalists, and free press advocates, to discuss how this tension is playing out and what it means for one's right to research and right to know.

Panelists will include:

  • Andy Sellars, Director of the BU/MIT Technology & Cyberlaw Clinic, BU School of Law
  • Maggie Mulvihill, Associate Professor of the Practice of Computational Journalism, BU College of Communications
  • Gabe Rottman, Director of the Technology and Press Freedom Project, Reporter's Committee for Freedom of the Press
  • Saurabh Datar, Data Journalist, The Boston Globe
  • Isaiah Thompson, Investigative Reporter, WGBH

The event is free and lunch will be provided. To help us estimate food, please RSVP to Prof. Mulvihill at mmulvih@bu.edu no later than October 15.

Massachusetts Non-Competition Reform: Students Exempt Starting October 1

By Technology & Cyberlaw ClinicSeptember 26th, 2018

By Lauren Hoepfner 

Attention all 150,000+ students in Boston: starting October 1, short-term student employees can no longer be bound by noncompetition agreements after they leave a job.

Massachusetts recently passed a sweeping reform that prohibits the enforcement of noncompetition agreements, or “noncompetes,” against both undergraduate and graduate students. Under the new law, employers cannot enforce noncompetes against full or part-time students who are hired for an internship or other short-term employment, whether paid or unpaid.

For noncompetes to be enforceable against non-student employees and independent contractors, they must be reasonable in scope to protect a legitimate business interest as well as limited to one year and to the geographic area where the employee worked in the prior two years. The noncompete must be supported by a “garden leave” clause—an agreement to pay the employee during the restricted period—or another mutually-agreed benefit to the employee, and provided to the employee at least ten days before employment begins.

The new law goes into effect on October 1, 2018.

What is a noncompete?

A noncompete is an agreement between an employer and a current or prospective employee that prohibits the employee from working for a competitor after they leave their job. Noncompetes are often signed before an employee or independent contractor starts work—either as a stand-alone agreement or within an employment contract.

Employers use noncompetes to prevent former employees from disclosing valuable information or using inside knowledge to benefit a competitor. But Massachusetts has long recognized that noncompetes can be abused by employers to prevent their employees from jumping ship, rather than simply protecting the company’s information. To protect workers from this type of abuse and promote competition for talent, Massachusetts has only allowed employers to enforce a noncompete if it was “necessary to protect legitimate business interest, reasonably limited in time and space, and consonant with the public interest.” In short, noncompetes had to target a specific business interest rather than simply serving as an employee retention tool. For example, a noncompete that prohibited a former bank executive from soliciting the bank’s customers for a period of time may be valid, but an agreement prohibiting a hairstylist from working at a different salon would not be enforced.

Now there are even stronger limits.

What noncompetes are covered by the reform bill?

The reforms only apply to post-termination noncompetes, or agreements that restrict an employee’s choice of work after leaving the company. Concurrent noncompetes—agreements that prohibit employees from working for competitors while employed—remain valid and enforceable.

The law is not retroactive. The law exempts noncompetes signed before October 1, including those signed by interns, and these agreements may still be enforceable. Noncompetes signed before October 1 will still have to protect a legitimate business interest, be reasonably limited in time and space, and consonant with public policy to be enforceable. However, in light of the reform, there may be some appetite among employers to reevaluate and update existing noncompetes as a best practice.

What does the new law say?

            For students – 

Students cannot be bound by a noncompete, and any noncompete signed by an intern after October 1, 2018 will not be enforceable.

A noncompetition agreement shall not be enforceable against . . . undergraduate or graduate students that partake in an internship or otherwise enter a short-term employment relationship with an employer, whether paid or unpaid, while enrolled in a full-time or part-time undergraduate or graduate educational institution.

Who is a “student”? The law covers undergraduate and graduate students enrolled full-time or part-time in a college or university. It applies to paid and unpaid internships and short-term employment.

This means that students have the right to let their employers know that any noncompete provision included in an employment contract cannot be enforced against them. Savvy employers may look to other agreements (see below), to restrict student employees’ behavior, so students should look through all agreements carefully and seek legal advice if they have questions.

BU and MIT students, feel free to come and talk to us!

            For hourly employees – 

Employees who are “nonexempt” and overtime eligible under the Fair Labor Standards Act (FLSA) also cannot be bound by noncompetes under the new law. Nonexempt employees under the FLSA are typically compensated hourly rather than by salary, and do not have a guaranteed minimum compensation amount. Nonexempt employees also typically do not perform high-level executive, professional, or administrative work. The new law prohibits the enforcement of noncompetes against this category of employees.

Like students, hourly employees can push back against employers who include noncompete provisions in employment agreements. They should also pay close attention to the terms of other agreements (see below) that may restrict their behavior in other ways.

            For all employees – 

Noncompetes entered into on or after October 1 are only valid for one year after the end of employment, and they must be limited in scope. To be valid and enforceable, a noncompete must be in writing, signed by both the employer and employee, and provided to the employee at least 10 days before employment begins.

The agreement can be no broader than necessary to protect an employer’s “legitimate business interest.” Under the law, the noncompete must be targeted at protecting an employer’s trade secrets, confidential information that does not qualify as a trade secret, and/or the employer’s goodwill. For example, a noncompete agreement can be targeted at protecting business plans, but cannot be targeted at protecting the employer from competition generally. The employer must show that the interest can’t be protected by a less restrictive agreement like a nonsolicitation or a nondisclosure agreement.

It must be supported by a garden leave clause—an agreement to pay the employee during the restricted period—or another mutually-agreed benefit to the employee. Garden leave clauses must provide at least 50% of the employee’s highest salary in the 2 years preceding the employee’s termination. Other benefits could include stock options or a signing bonus.

A noncompete can’t last longer than 12 months, and can only apply to the geographic area in which the employee worked for the last 2 years. Finally, the agreement must be consonant with public policy. For example, courts have held that noncompetes signed by sandwich shop workers, hair dressers, or other blue-collar workers are against public policy because these low-wage workers would be severely limited in their post-termination employment opportunities.

What can employers do to protect confidential information?

Although the new law places limits on noncompetes, companies still have many ways to protect confidential and sensitive information provided to students and hourly employees. And of course, there are separate protections for a company’s trade secrets.

The law does not apply to other agreements that protect company information. Employers can still require employees, including student interns and hourly workers, to sign the following agreements:

  • Nondisclosure agreements (NDAs): NDAs promote confidentiality by preventing employees from disclosing proprietary information gained in the course of their employment.
  • Proprietary Information and Inventions Assignments (PIIAs): PIIAs ensure that all relevant intellectual property created or contributed to by an employee during the term of his employment remains the property of the employer.
  • Nonsolicitation agreements: These agreements may (a) prohibit employees from solicitating a company’s clients or customers for his or her own benefit or for the benefit of a competitor after leaving the company; (b) prohibit a former employee from poaching current employees; (c) prohibit a former employee from transacting business with the former employer’s customers, clients, or vendors.
  • Other agreements that the new law expressly does not restrict the use of are (a) noncompetes made in connection with the sale of a business entity; (b) noncompetes outside of an employment relationship (i.e. independent contractor agreements); (c) forfeiture agreements; (d) garden leave clauses; (e) noncompetes drafted at the cessation of employment; and (f) agreements where an employee agrees not to reapply for employment at the same employer after termination.

Employers will likely turn to these other employment agreements to fill gaps left by the absence of noncompetes, and as a result, make them more restrictive.

If you own or operate a business, the above-mentioned agreements can provide alternative ways to protect your company’s intellectual property and confidential information. But remember, these alternative agreements must be reasonable and targeted at protecting confidential information in order to be enforceable.

*   *   *

Lauren Hoepfner is a 3L at BU Law and the summer 2018 Matthew Z. Gomes Fellow with the Entrepreneurship & Intellectual Property Clinic. She is most interested in corporate governance and compliance. 

CIA ordered to produce additional records in clinic FOIA case

By Andrew F. SellarsSeptember 24th, 2018
Members of the TCLC clinic who worked on Dr. Johnson's case, outside of the Moakley Courthouse after oral argument. From left to right: Lindsay Ladner (BUSL '18), Katherine Welch (BUSL '18), Mandy Wang (BUSL '18), TCLC client Dr. Amy Johnson, Audra Sawyer (BUSL '18), and TCLC Director Andy Sellars

For the past two years, the Technology & Cyberlaw Clinic has represented Amy Johnson, a PhD student (now graduate) of MIT in a Freedom of Information Act case against the Central Intelligence Agency. Earlier this year the CIA asked the court to close the case, arguing that they had now finished processing this request and were under no obligation to produce specific parts of Dr. Johnson's request. In April, TCLC student Audra Sawyer (BUSL '18) argued in opposition to the CIA's motion, saying that the CIA's search was inadequate, aspects of her request had yet to be fulfilled, and the material that was redacted under FOIA should be disclosed.

We're happy to report that last week the United States District Court for the District of Massachusetts sided with our client, and ordered the CIA to produce additional records in response to Dr. Johnson's FOIA request, and un-redact some of the produced records.

The records sought in the FOIA request relate to the CIA’s Twitter account. The CIA launched this account in June 2014, and it is now one of the few outlets by which the CIA regularly communicates with the public. In an unusual move for a federal agency, the CIA frequently humor and sarcasm when communicating with the public. Critics and scholars have wondered why the CIA would decide to take this contentious and unconventional approach when communicating with the public online. Dr. Johnson's request sought records that would shed light on the decision to design the account in this way, how users are instructed to operate the account, and the applications that the CIA uses to manage its account.

Dr. Johnson was one of the first clients of the clinic, and numerous TCLC students have worked with her on this case over the past two years. Clinic students Gabriella Andriulli (BUSL '17), Tavish Brown (BUSL '17), and Wes Howe (BUSL '17) from the clinic's inaugural class worked on the pre-litigation negotiations and complaint in the case. Summer 2017 students Courtney Merrill (BUSL '19) and Luke Sutherland (BUSL '19) worked on several of the early-stage litigation matters. Students Audra Sawyer (BUSL '18), Darija Micovic (BUSL '18), Katherine Welch (BUSL '18), Lindsay Ladner (BUSL '18), and Mandy Wang (BUSL '18) from the clinic's 2017–18 class worked on the summary judgment briefing and oral argument. Summer 2018 students Rachael Walker (BUSL '20), Patrick Wilson (BUSL '20), and Sally Gu (BUSL '20) worked on some additional briefing that was raised after oral argument. Current TCLC students Lyndsey Wajert (BUSL '19) and Danielle Deluty (BUSL '19) are working on the next phase of the case.

Dr. Johnson received funding to file this suit from the National Freedom of Information Coalition, through a grant from the John S. and James L. Knight Foundation.

The opinion is Johnson v. CIA, --- F. Supp. 3d ---, 2018 WL 4440541 (D. Mass. Sept. 17, 2018). You can read some of the documents in the case here:

Additional reading:

Fair Use in Copyright Presentation at BUild Lab (April 5, 2018)

By David GrossApril 4th, 2018

Update: Click here to view the slides from the presentation.

Are you using someone else's copyrighted material?

Fair Use In Copyright Flyer (presentation at BUild Lab at 12:30pm on 4/5)

Please bring your lunch and join the Technology & Cyberlaw Clinic at 12:30pm in the BUild Lab for an Innovation Law Brown Bag Lunch Talk as we discuss copyrightable material, fair use, and the rights to your work.

Topics include:

  • Does your business use images from the internet?
  • Do you photocopy references guides for easy access?
  • Who has the rights to your work—you or your employer?
  • Would you like to know more about the do’s and don’ts of fair use for business purposes?
  • How the Technology & Cyberlaw Clinic can help

We'd love it if you would RSVP here, although it's not required. 

The Entrepreneurship, Intellectual Property, and Cyberlaw Program's Innovation Law Brown Bag Lunch Talks bring BU Law faculty and students to the BUild Lab for presentations on a variety of legal issues often faced by student entrepreneurs, innovators, researchers, ventures, and startups.

 

Matthew Z. Gomes Fellowship Fund Promotes Diversity through Summer Fellowships

By David GrossMarch 28th, 2018

We are happy to announce the Matthew Z. Gomes Fellowship Fund at Boston University School of Law. The fund supports two summer fellowships, one with the Technology & Cyberlaw Clinic and one with our companion clinic, the Entrepreneurship & Intellectual Property Clinic. The fellowships are open to BU Law students. Applications for both summer fellowships are due on Monday, April 2, 2018.

Established in memory of Mr. Gomes’s son, the Matthew Z. Gomes Fellowship Fund was created to promote diversity and inclusion in the fields of technology, cyberlaw, and intellectual property law. By supporting students from communities and populations underrepresented in the technology space as they gain experience in law school, Mr. Gomes hopes these fellowships will help build a pipeline of talented young attorneys prepared to practice in the technology and intellectual property spaces.

For more on the fellowships, see the announcement from BU Law.

 

BU Law Students: Clinic Applications Due Friday (March 30)

By David GrossMarch 27th, 2018

Applications for students wishing to join the Technology & Cyberlaw Clinic for the 2018-19 academic year are due by 5pm on Friday, March 30. Applications for our companion clinic, the Entrepreneurship & Intellectual Property Clinic, are also due on Friday. Students can apply to either clinic online.

Both clinics are part of the BU/MIT Entrepreneurship, Intellectual Property, and Cyberlaw Program and work exclusively with current students at MIT and BU on their innovation-related projects and ventures. You can learn more about each clinic's work below:

Technology & Cyberlaw Clinic

In the Technology & Cyberlaw Clinic, BU Law students advise students on laws and regulations that may affect their innovation-related academic and extracurricular activities. These areas may include intellectual property, data privacy, cybersecurity, academic freedom and digital civil liberties, public records requests, and regulatory compliance issues in technology. Students may also provide limited litigation and dispute resolution-related assistance in these areas, negotiating on behalf of clients in transactions and disputes with third parties and representing students in response to cease-and-desist letters and threats of litigation.

Key Focus Areas:

  • Counseling, pre-litigation, and some litigation
  • Intellectual property, with a focus on use of third-party IP
  • Digital privacy and cybersecurity
  • Digital civil liberties, academic freedom, and use of the law as an academic research tool

Entrepreneurship & Intellectual Property Clinic

In the Entrepreneurship & IP Clinic, students advise student entrepreneurs who are seeking to establish or grow real businesses. Under direct faculty supervision, students draft organizational documents, partnership or shareholder agreements, employment and other contracts, work on a variety of matters typically encountered by entrepreneurs in an early-stage business regarding issues such as employment, tax, business formation and choice of entity issues, and capital structure and financing, and undertake IP work such as patentability analysis and advice, licensing agreements, trademark searches and applications, copyright registrations, clearances, and fair use opinions.

Key Focus Areas:

  • Transactional and counseling work
  • Intellectual property, with a focus on IP ownership and transfer
  • Startup-related corporate law matters, including entity formation, shareholder agreements, capital structure, and founders issues

Web Scraping and the Law: This Thursday at the BUild Lab

By Andrew F. SellarsFebruary 26th, 2018

innovate-logo

Web Scraping and the Law

Thursday, March 1
Noon - 1pm
BUild Lab, 730 Commonwealth Ave.

Boston University
(enter at the red awning next to Pavement Coffee)

We and our colleagues at the Entrepreneurship & Intellectual Property Clinic have marked the launch of Innovate@BU with an Innovation Law Brown Bag Lunch Talk Series, happening most Thursdays at the brand new BUild Lab. This week clinic director Andy Sellars will be reviewing the current law around the practice of "web scraping," or the systematic retrieval of information from websites using an automated script. There have been dozens of cases that have looked at the legality of this activity, and the presentation will review what's settled and what's not with this common online information gathering technique.

Particular points of discussion will include:

  • Applications of web scraping in research and entrepreneurship
  • What legal issues to consider when designing a scraping project
  • How to identify legal red flags when scraping
  • What to do if a website tells you to stop

We hope to see you there!